DNS with 2 servers and 2 domains


Riven

Hi, I run a network with the following machines:

1 Server running Windows 2000 SP3, DHCP and DNS. It has 1 domain. It has been upgraded from Windows NT 4.0 Server.
1 Server running Windows 2000 SBS SP2 and DNS. It has another domain. I use this server for communications (Exchange, proxy, VPN, etc.)

I have problems with the DNS. If I put the first server as DNS server, Outlook clients have problems reaching the second server. If I remove the DNS servers, then in some time clients can't get to files on the first and second server.

I also get 5774 errors in second server.
 
The clients point to the first server, but then we have problems reaching the second server, e.g. Outlook says that the server can't be reached. If you click on connect again, then it works, but slowly.
My intention was to make the first server the primary server and the second a secondary one, but when I try to update the second one's reverse lookup zone it says that it doesn't work.

I ran NSLOOKUP on both servers (translated from Spanish)

1.-Can't reach the name of the server for address 10.0.0.9 (the internal address of server): non-existent domain

Server: localhost
address: 127.0.0.1

2.-Server: Minerva.ttd.net
address: 194.179.1.100 (Is the address for external DNS)

The first server doesn't have direct internet access and its DNS points to itself. The second server has direct access to the internet and has a default gateway and 2 external DNS

"William Stacey" <[email protected]> wrote in message:

Need more info. What DNS servers do the clients point to? Are the zones the same on both servers (i.e. one the primary and one the secondary)?
 
In Riven <[email protected]>
posted their concerns,
Then Kevin D4Dad added his reply at the bottom.
I've made clients point to both servers and I solved some issues, but
it's clear that something is not working fine

The fix for this is pretty simple. I'll explain: since the second server is pointing to your ISP's DNS, it cannot register its name in your local domain; that is why it is unreachable. The first server should be pointing to its own private IP, not the 127.0.0.1 loopback address. It is pretty easy to fix.

Are both DCs in the same AD Domain?
1. Point the first DC to its own private address for primary then to the second DC Secondary (if the second DC has DNS)
2. Point the second DC to the first DC for DNS Primary then to its own address Secondary (if it has DNS installed)
3. Point the clients to both DCs if both have DNS
Do NOT use ISP's DNS in any NIC TCP/IP properties!

If these two DCs are in different Domains just point both of them to their own private address

The clients should point to the DC for DNS for the domain they are members of.

For internet access configure both DNS servers as per step 3 of this KB article: 300202 - HOW TO Configure DNS for Internet Access in Windows 2000
http://support.microsoft.com/default.aspx?scid=kb;en-us;300202&FR=1
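
An added example, not part of the reply above or of the thread: a small Python audit that applies the rules from that reply (no loopback entry, no ISP resolver in any NIC's TCP/IP properties, every DNS server lists its own private address) to a resolver inventory. The host names and the addresses 10.0.0.10, 10.0.0.50 and 192.0.2.53 are constructed, and treating 10.0.0.9 as the first server's address is an assumption; 10.0.0.9 and 194.179.1.100 are the values quoted in the thread.

```python
import ipaddress


def audit_resolvers(hosts, internal_dns):
    """Return sorted (host, resolver, problem) tuples for each rule violation.

    hosts:        name -> {"ip": own address, "dns": resolver list in NIC order}
    internal_dns: addresses of the DNS servers that host the internal zones
    """
    internal = {ipaddress.ip_address(a) for a in internal_dns}
    findings = []
    for name, cfg in hosts.items():
        own = ipaddress.ip_address(cfg["ip"])
        resolvers = [ipaddress.ip_address(a) for a in cfg["dns"]]
        if not resolvers:
            findings.append((name, "-", "no DNS server configured"))
        for r in resolvers:
            if r.is_loopback:
                findings.append((name, str(r), "loopback entry; use the private address"))
            elif r not in internal:
                findings.append((name, str(r), "not an internal DNS server (ISP or unknown)"))
        # In both variants of the reply's steps, a machine running DNS lists itself.
        if own in internal and own not in resolvers:
            findings.append((name, str(own), "DNS server does not list its own address"))
    return sorted(findings)


# Constructed inventory modelled on the setup described in the thread.
HOSTS = {
    "server1": {"ip": "10.0.0.9", "dns": ["127.0.0.1"]},
    "sbs": {"ip": "10.0.0.10", "dns": ["194.179.1.100", "192.0.2.53"]},
    "client1": {"ip": "10.0.0.50", "dns": ["10.0.0.9", "10.0.0.10"]},
}
INTERNAL_DNS = ["10.0.0.9", "10.0.0.10"]

if __name__ == "__main__":
    for host, resolver, problem in audit_resolvers(HOSTS, INTERNAL_DNS):
        print(f"{host:8} {resolver:15} {problem}")
```

External name resolution is then handled on the DNS servers themselves, as the KB article referenced in the reply describes, rather than by listing ISP resolvers on any NIC.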
 


Also, would like to add, if they are two different zones on each server,
(seems that way from the description), I would put a secondary zone on the
first server on the second server and vice-versa. This will satisfy the
requirements of the fact that multiple listings in IP properties are meant to
be a fault tolerance mechanism and not load balancing. Also, if it tries the
first, and the answer is not there, it uses the second, but DOES NOT go back
to the first unless the machine is restarted or the DNS Client service is
restarted. So it would be a lot easier on everything if there are copies of
both zones on each machine.

Also, that nslookup record just means that there is no reverse zone created
or a missing PTR in the reverse zone. It will still work, just ignore the
error or create a reverse zone and make sure there is a PTR entry for the
DNS server.


--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
 
I've done all and all is working fine, but I have now a new problem: I can't
see my webpage from IsaServer on SBS server. More information:

I have an internet domain .com
My first server controls an internal domain called the same as my internet .com
My second server (SBS) controls another domain.
Now that external DNS are on DNS, I can't reach my .com webpage through my
proxy.

Best regards,

Riven
 